Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


dekeeu last won the day on September 7 2015

dekeeu had the most liked content!


354 Excellent

About dekeeu

  • Rank
  • Birthday 12/22/1996

Contact Methods

  • Website URL


  • Location
  • Interests
    Security Enthusiast
  • Occupation
    Web Application Security Pentesting

Recent Profile Visitors

3580 profile views
  1. Mi-am luat un bilet la Defcamp (de student) dar nu mai pot ajunge, așa că îl ofer gratis (cred că singura condiție e sa fie student și să aibă carnet vizat). E destul de târziu dar dacă sunteți interesați, PM.
  2. Nu stiu daca e chiar o vulnerabilitate, mai degraba un feature. Stiu ca si pe VBulletin 4.* exista un "Open Redirect" lasat in formularul de inregistrare, care n-a fost fixat niciodata.
  3. Ca un mic detaliu, oferta aceea e permanenta/
  4. De asemenea poti folosi: intext:"text" site:site-ultau.ro intitle:"text" site:site-ultau.ro inurl:"text" site:site-ultau.ro
  5. Imi pare rau de el, ca nu a primit nimic $$ de la FB, dar asta e dezavantaju atunci cand incerci sa te bagi prea "deep" . Oricum facebook a mai acceptat research-uri de genu' (si le-a "platit"): https://bitquark.co.uk/blog/2014/08/31/popping_a_shell_on_the_oculus_developer_portal
  6. Mie mi s-a calculat si cerut intotdeauna tva-ul (*comanda din Coreea) si trebuia sa aduc o factura care sa confirme ca pretul produsului se incadreaza intr-o anumita suma (tabelul de mai sus).
  7. Depinde de tara din care trimite expeditorul. Produsele care vin dintr-o tara NON-UE , se opresc mai intai la oficiul pentru posta vamala, unde se percepe TVA.
  8. Variabila LungimeY nu este setata corect. Numerotarea liniilor se face de la 0 , deci daca matricea ta va avea 3 randuri, variabila LungimeY va avea valoarea 2. Modifica cele 2 for-uri astfel incat sa incluzi toate liniile: for(i=0;i<=LungimeY;i++) { for(j=0;j<=LungimeX;j++) { TestIn.get(Grid[j]); } } for(i=0;i<=LungimeY;i++) { for(j=0;j<=LungimeX;j++) { cout<<Grid[j]; } }
  9. Simplu , apelând func?ia strcpy(s+i,s+j) copiezi con?inutul ?irului care începe la pozi?ia s+j, peste ?irul care începe la pozi?ia s+i.
  10. #include <iostream.h> #include <string.h> void sterge(char s[], int poz, int nr){ strcpy(s+poz,s+nr+1); } int main(){ char s[]="abcdefghijklmnopqrstuvwxyz"; sterge(s,1,3); cout<<s; }
  11. Hello there. In this blog post I'll tell you how I've managed to read arbitrary files from the Google servers by finding/exploiting a Local-File-Inclusion vulnerability. This flaw was found in one of the Google products, Google Feedburner, and was fastly fixed by Google Security Team. As Wikipedia says, "FeedBurner is a web feed management provider launched in 2004.[...]FeedBurner provides custom RSS feeds and management tools to bloggers, podcasters, and other web-based content publishers." . This product was in the past one of my targets and as I had already discovered a few xss-es in this domain, I realized that there could be more interesting bugs here. So, I did some research and after a while I discovered that FeedBurner had an open API, but it was officially deprecated by Google in 2012. However, even if the documentation files were deleted (https://developers.google.com/feedburner/), the "Wayback Machine" (Internet Archive: Wayback Machine) saved these pages and I was able to read them. This is how I've discovered the link that caught my attention : http://feedburner.google.com/fb/dynamicflares/HelloVisitor.jsp?feedUrl=http://domain.tld/ff.xml (it isn't working anymore) .This script was used for retrieving the content of Dynamic FeedFlare Unit files, which are basically simple xml documents built after a certain scheme . For those who aren't familiar with the FeedFlares, it's important to know that these are more like some kind of addons, used by Feed owners in order to give their readers new methods of interacting with their content. (ex: Hello, Visitor) At first glance, the purpose of this script was to grab the XML document submitted as value for feedUrl parameter and perform a XSL tranformation on it. The problem with this file was that it only appended the content of the provided XML in the context of the page without modifying or even encoding it. My first attempt was only to find an XSS and I succeded by providing an URL that points to a malicious html file. But I felt that there could be a vulnerability with a major impact like reading files from the webserver, so I started my research with some classic payloads, injecting a directory traversal, a method tipically used in LFI attacks ("../../../../../../../etc/passwd"), but it didn't work. Nevertheless,by changing the method and using the file URI scheme, I was able to retrieve files from the server. Unfortunately, not all the files were readable due to the Security policy file, but accessing some log files were enough to prove the existence of this vulnerabiliy. I've submitted this flaw to Google and it was fixed within 10 minutes after the triage. Also, I've uploaded a short Video PoC which demonstrates this issue: --- Articol original: http://ownsecurity.blogspot.ro/2015/08/how-i-found-sweets-inside-google.html Vulnerabilitatea a fost reparat?
  12. hint: filetype:gif donate ->Google Înc? nu pot s? cred c? ai f?cut topicul asta ca s? ceri gif-uri ..
  13. You can't <inject> a website. You can modify the current SQL syntax (by exploiting a vulnerable user input parameter) and insert (inject) your own. (SQLi) Let's speak hackerish.
  • Create New...